- Business areas
- Application areas
- Work with us
- Right now
- About us
The management of digital identity is vital to enable the full realization of corporate services on the internet. In particular, interactions that carry a high level of risk face challenges on the Internet, for example the handling of critical data such as health information, financial information, personal information and financial transactions.
The level of trust provided by existing digital identity management practices is often insufficient for users to engage into this type of transactions. What international standards for digital identity management are relevant for companies to provide secure and useable services?
How should companies approach these strategic questions on identity, and which technologies and services should they be aware of?
Berit Naomi Skjernaa, Security Lab – the Alexandra Institute and Anette Broløs, CFIR and Innovation Network for Finance IT
|9.15–10.00||Reasons to move towards OpenID Connect and insights into Deutsche Telekom’s implementation
Torsten Lodderstedt, Deutsche Telekom
|10.20–10.45||Identity within Danish healthcare
Michael Bladt Stausholm, the Alexandra Institute
The Rump Session is the informal part of the programme where participants get a 5- to 10-minute slot to present a topic – either business or academic, or perhaps with a humorous twist. Read more below to see how you can contribute.
Lars Møller Kristensen, Signicat AS
|14.00–14.45||UMA: Could I manage my own data, please
Andrew Hindle, the Kantara Initiative’s UMA Working Group
|15.05–15.50||Battle stories from the front of identity federation in the academic world
David Simonsen, WAYF
You can contribute to the Rump Session by sending your input to Berit Naomi Skjernaa at email@example.com. State name(s) of speaker(s), heading, brief description of your input (max. 240 characters) and desired time slot (max. 10 minutes). Deadline for your input is Friday 28 November at 12:00. Proposed inputs will be published on this website as we receive them. Please note that we may have to select among your contributions and shorten the inputs, depending on the time available.
SEE INPUTS TO THE RUMP SESSION.
UMA: COULD I MANAGE MY OWN DATA?
Andrew Hindle, the Kantara Initiative’s UMA Working Group
The Internet has fundamentally changed our personal and professional worlds. Convenient access to data and services at work, at home, and on the road is now a norm; and security deployments are catching up: properly deployed, modern security standards improve safety and provide a better user experience. But we’re not done yet. To really get the most out of this new universe, we need services, devices and data to be able to interact. For that to happen safely, we need to put the user - the owner of the data - back in charge of their own information; to make privacy the default, not the exception. In this session, Andrew will present an emerging Kantara Initiative standard: User Managed Access. After a brief tour through the background, evolution and current state of UMA; we’ll look at the standard itself and, supported by a series of example use-cases, examine how UMA can help put the the information owner back where they should be: back at the centre, and back in control.
About Andrew Hindle
Andrew's expertise in digital business, security and identity is built on over 18 years experience in a broad range of private and public sector projects in Europe, Asia Pacific and North America. Andrew held a range of technical architecture and product management positions with leading software companies including Allaire, Macromedia, Adobe and, most recently, Ping Identity, where he was variously responsible for international business development and worldwide technical marketing during his 7-year tenure. He currently provides independent technical and business development consulting services for a number of providers and end-users in the identity, security, and IoT sectors; he is a member of the UMA Working Group, and is a regular contributor at cloud and identity conferences.
BATTLE STORIES FROM THE FRONT OF IDENTITY FEDERATION IN THE ACADEMIC WORLD
David Simonsen, WAYF
The academic community is regarded as the frontier of federated identity solutions. The presentation will introduce the basic concept of identity federation, three well-established architectures and the status on inter-federation acitvities (across sectors and national borders). Various issues regarding technical, operational and legal aspects and issues will be highlighted.
About David Simonsen
David Simonsen is head of WAYF - Where Are You From, the Danish federation for higher education and research provided by the Danish e-Infrastructure Coorporation (DeIC). DS has for almost a decade been active in the international community for national research and educational networks, focusing on federated identity solutions. DS is member of an international group of governments focusing on citizen facing services, based on federated identity.
Lars Møller Kristensen, Country Manager Signicat
The challenges of going online with business processes are many. One of them is how to identify and trust customers, clients or users from many different nationalities. Being able to adopt to the different national eID’s is one way; implementing own eID schemes is another. What is the overall status in the European countries regarding eID and how are companies handling the challenges introduced by different national infrastructures.
About Lars Møller Kristensen
Lars Møller Kristensen has been working with security including electronic identities for the past 15 years. He participated in the first EU pilot project around electronic signature followed by the first national eID scheme in Denmark back in 2002. As a Country Manager for Signicat, Lars Møller Kristensen is responsible for meeting customers' requirements in both eID and eSignature, making these technologies bring business value to the customers of Signicat.
Signicat is a secure cloud service provider with deep expertise in online electronic id (eID), advanced electronic signatures and PKI solutions. The widest coverage of national and public eID's in Europe accessible through one single point of integration based on standard protocols. Signicat continuously invests in connectors for leading platforms such as Oracle, IBM and Microsoft, offering a secure and smooth integration for more than 150 high demanding customers cross border in areas like internet banking, funds, cards, eCommerce, oil and gas. The services are available cross channel on multiple devices. Signicat offers services for the entire lifecycle of signed data objects (SDOs), including certificate handling, time stamping, archiving, and automatic resigning for long time validation. Signicat services are compliant with EU standards defined by ETSI.
REASONS TO MOVE TOWARDS OPENID CONNECT AND INSIGHTS INTO DEUTSCHE TELEKOM'S IMPLEMENTATION
Dr.-Ing. Torsten Lodderstedt, Deutsche Telekom
Deutsche Telekom operates an identity management service, which allows customers in Germany to access Telekom services via a single login, the Telekom Login. Efficiently integrating apps and portals into the Telekom Login ecosystem is a key aspect to enable short time to market for new products. Deutsche Telekom's identity management team therefore continuously seeks for standard protocols, which are easy to use and fulfill respective security requirements. In mid 2013, Deutsche Telekom adopted the OpenID Connect protocol, which is now the preferred API for partner integration. This presentation explains the reasons to move towards OpenID Connect and provides insights into Deutsche Telekom’s implementation.
About Dr.-Ing. Torsten Lodderstedt
Dr.-Ing. Torsten Lodderstedt has been working in the identity management space at Deutsche Telekom AG for the past seven years. In his current position as Head of Development, he leads the development of enabling services for identity and contract management as well as payment. He is also an identity management evangelist within Deutsche Telekom AG and regularly contributes Deutsche Telekom's experiences and perspective as a subject-matter expert at standardization bodies, such as IETF and OpenID Foundation, and cross-operator organisations, such as GSMA. He is a contributor to the OAuth 2.0 und OpenID Connect specifications and author of the OAuth 2.0 threat model and security considerations. He recently was elected as the Corporate member representative to the Board of Directors of the OpenID Foundation and chairs the Mobile Profile for OpenID Connect working group. In his previous positions as consultant and IT architect, he helped customers in several domains (public, banking, railway communication, telecommunication) since 1996 to implement highly scalable and secure applications. For example, he was the responsible security architect of the passenger information system of the New York City subway.
The Alexandra Institute
Innovation network for finance IT (Innovationsnetværk for Finans IT)
Council of digital security (Rådet for Digital Sikkerhed)